Package org.apache.sshd.common.config.keys

Class OpenSshCertificateImpl

    • Field Detail

      • keyType

        private java.lang.String keyType

      • nonce

        private byte[] nonce

      • certificatePublicKey

        private java.security.PublicKey certificatePublicKey

      • serial

        private long serial

      • type

        private int type

      • id

        private java.lang.String id

      • principals

        private java.util.Collection<java.lang.String> principals

      • validAfter

        private long validAfter

      • validBefore

        private long validBefore

      • criticalOptions

        private java.util.SortedMap<java.lang.String,​java.lang.String> criticalOptions

      • extensions

        private java.util.SortedMap<java.lang.String,​java.lang.String> extensions

      • reserved

        private java.lang.String reserved

      • caPubKey

        private java.security.PublicKey caPubKey

      • message

        private byte[] message

      • signature

        private byte[] signature

    • Constructor Detail

      • OpenSshCertificateImpl

        public OpenSshCertificateImpl()

    • Method Detail

      • getRawKeyType

        public java.lang.String getRawKeyType()
        Description copied from interface: OpenSshCertificate
        Retrieves the raw SSH key type of this certificate.
        Specified by:
        getRawKeyType in interface OpenSshCertificate
        Returns:
        the key type, for instance "ssh-rsa" for a "ssh-rsa-cert-v01@openssh.com" certificate

      • getKeyType

        public java.lang.String getKeyType()
        Description copied from interface: SshPublicKey
        Retrieves the SSH key type.
        Specified by:
        getKeyType in interface SshPublicKey
        Returns:
        the SSH key type, never null.

      • getSerial

        public long getSerial()
        Description copied from interface: OpenSshCertificate
        Retrieves the serial number of this certificate.
        Specified by:
        getSerial in interface OpenSshCertificate
        Returns:
        the serial number

      • getId

        public java.lang.String getId()
        Description copied from interface: OpenSshCertificate
        Retrieves a free-form text set by the CA when the certificate was generated; intended to identify the identity principal in log message.
        Specified by:
        getId in interface OpenSshCertificate
        Returns:
        the id; never null but may be empty.

      • getPrincipals

        public java.util.Collection<java.lang.String> getPrincipals()
        Description copied from interface: OpenSshCertificate
        Retrieves the principals mentioned in the certificate.
        Specified by:
        getPrincipals in interface OpenSshCertificate
        Returns:
        the collection of principals, never null but possibly empty

      • getCriticalOptionsMap

        public java.util.SortedMap<java.lang.String,​java.lang.String> getCriticalOptionsMap()
        Description copied from interface: OpenSshCertificate
        Retrieves the critical options set in the certificate.
        Specified by:
        getCriticalOptionsMap in interface OpenSshCertificate
        Returns:
        the critical options as an unmodifiable map, never null but possibly empty

      • getExtensionsMap

        public java.util.SortedMap<java.lang.String,​java.lang.String> getExtensionsMap()
        Description copied from interface: OpenSshCertificate
        Retrieves the extensions set in the certificate.
        Specified by:
        getExtensionsMap in interface OpenSshCertificate
        Returns:
        the extensions as an unmodifiable map, never null but possibly empty

      • getReserved

        public java.lang.String getReserved()
        Description copied from interface: OpenSshCertificate
        Retrieves the "reserved" field of the certificate. OpenSSH currently doesn't use it and ignores it.
        Specified by:
        getReserved in interface OpenSshCertificate
        Returns:
        the "reserved" field.

      • getCaPubKey

        public java.security.PublicKey getCaPubKey()
        Description copied from interface: OpenSshCertificate
        Retrieves the CA public key of this certificate.
        Specified by:
        getCaPubKey in interface OpenSshCertificate
        Returns:
        the PublicKey

      • getMessage

        public byte[] getMessage()
        Description copied from interface: OpenSshCertificate
        Retrieves the raw byte content of the certificate, minus the signature. This is the data that was signed.
        Specified by:
        getMessage in interface OpenSshCertificate
        Returns:
        the part of the certificate raw data that was signed

      • getSignatureAlgorithm

        public java.lang.String getSignatureAlgorithm()
        Description copied from interface: OpenSshCertificate
        Retrieves the signature algorithm used for the signature.
        Specified by:
        getSignatureAlgorithm in interface OpenSshCertificate
        Returns:
        the signature algorithm as recorded in the certificate

      • getAlgorithm

        public java.lang.String getAlgorithm()
        Specified by:
        getAlgorithm in interface java.security.Key

      • getFormat

        public java.lang.String getFormat()
        Specified by:
        getFormat in interface java.security.Key

      • getEncoded

        public byte[] getEncoded()
        Specified by:
        getEncoded in interface java.security.Key

      • setKeyType

        public void setKeyType​(java.lang.String keyType)

      • setNonce

        public void setNonce​(byte[] nonce)

      • setCertPubKey

        public void setCertPubKey​(java.security.PublicKey certificatePublicKey)

      • setSerial

        public void setSerial​(long serial)

      • setId

        public void setId​(java.lang.String id)

      • setPrincipals

        public void setPrincipals​(java.util.Collection<java.lang.String> principals)

      • setValidAfter

        public void setValidAfter​(long validAfter)

      • setValidAfter

        public void setValidAfter​(java.time.Instant validAfter)
        If null, uses OpenSshCertificate.MIN_EPOCH
        Parameters:
        validAfter - Instant to use for validAfter

      • setValidBefore

        public void setValidBefore​(long validBefore)

      • setValidBefore

        public void setValidBefore​(java.time.Instant validBefore)
        If null, uses OpenSshCertificate.INFINITY
        Parameters:
        validBefore - Instant to use for validBefore

      • setCriticalOptions

        public void setCriticalOptions​(java.util.List<OpenSshCertificate.CertificateOption> criticalOptions)
        Sets the critical options of the certificate, overriding any options set earlier.
        Parameters:
        criticalOptions - to set; may be null or empty to remove all previously set options

      • setCriticalOptions

        public void setCriticalOptions​(java.util.Map<java.lang.String,​java.lang.String> criticalOptions)
        Sets the critical options of the certificate, overriding any options set earlier.
        Parameters:
        criticalOptions - to set; may be null or empty to remove all previously set options

      • addCriticalOption

        public boolean addCriticalOption​(java.lang.String name,
                                 java.lang.String value)
        Adds a critical option to the certificate, or removes it if value == null. To add an option with an empty value, use an empty string as value. If the certificate already has an option with the given name it is replaced.
        Parameters:
        name - of the option to set
        value - of the option
        Returns:
        true if the map did not contain the name; false if it did

      • setExtensions

        public void setExtensions​(java.util.List<OpenSshCertificate.CertificateOption> extensions)
        Sets the extensions of the certificate, overriding any extensions set earlier.
        Parameters:
        extensions - to set; may be null or empty to remove all previously set extensions

      • setExtensions

        public void setExtensions​(java.util.Map<java.lang.String,​java.lang.String> extensions)
        Sets the extensions of the certificate, overriding any extensions set earlier.
        Parameters:
        extensions - to set; may be null or empty to remove all previously set extensions

      • addExtension

        public boolean addExtension​(java.lang.String name,
                            java.lang.String value)
        Adds an extension to the certificate, or removes it if value == null. To add an extension with an empty value, use an empty string as value. If the certificate already has an extension with the given name it is replaced.
        Parameters:
        name - of the extension to set
        value - of the extension
        Returns:
        true if the map did not contain the name; false if it did

      • setReserved

        public void setReserved​(java.lang.String reserved)

      • setCaPubKey

        public void setCaPubKey​(java.security.PublicKey caPubKey)

      • setMessage

        public void setMessage​(byte[] message)

      • setSignature

        public void setSignature​(byte[] signature)

      • toDate

        private static java.lang.String toDate​(long timestamp)

      • toString

        public java.lang.String toString()
        Overrides:
        toString in class java.lang.Object